Additional Materials:

Contact:

Pursuant to a congressional request, GAO evaluated the Department of the Interior's High-Level Implementation Plan for improving its management of the Indian trust funds and resources under its control, focusing on whether the Interior has reasonable assurance that: (1) the High-Level Plan provides an effective solution for addressing its long-standing problems; and (2) its acquisition of a new asset and land records management service will cost effectively satisfy trust management needs.

GAO noted that: (1) Interior does not have reasonable assurance that its High-Level Plan for improving Indian trust operations provides an effective solution for addressing long-standing management weaknesses; (2) the plan: (a) recognizes the severity of long-standing weaknesses in managing trust fund assets; (b) identifies 13 projects intended to improve information systems, enhance the accuracy and completeness of its data regarding the ownership and lease of Indian lands, and address deficiencies with respect to records management, training, policy and procedures, and internal controls; and (c) assigns responsibility for oversight and management of the 13 projects; (3) however, Interior has not properly analyzed its information technology needs which are essential to the overall success of the plan; (4) until Interior develops an information systems architecture addressing all of its trust management functions, it cannot ensure that its information systems will not be duplicative or incompatible or will optimally support its needs across all business areas; (5) Interior also does not know whether its acquisition of a new service for managing Indian assets and land records will cost-effectively meet trust management needs; (6) before deciding to contract with a service vendor, Interior did not adequately define important service requirements or sufficiently analyze technical alternatives; (7) Interior also did not take the steps needed to minimize acquisition risks; (8) in particular, it did not develop a risk management plan, ensure that the vendor's system could work with Interior's data and systems, or establish realistic project timeframes; and (9) thus, Interior faces an unnecessarily high risk that the service will not meet its general business and specific performance needs, and it lacks the means for dealing with this risk.

Recommendations for Executive Action

Status: Open

Comments: Interior officials stated that the Department agrees with GAO on the need for, and benefits of, an information technology architecture. Interior developed a detailed work plan outlining the tasks and milestones for completing nine phases of its architecture, appointed an architecture project manager, and defined resource requirements for the project. Interior officials initially expected to complete the architecture by August 2002, but encountered difficulties. In August 2002, Interior reported to the Federal District Court, which is hearing class-action trust litigation against Interior, that it has now hired a contractor to assist in defining and documenting a trust architecture. In August 2004, Interior reported to the Court that it had completed a self-assessment which indicated the architecture is being integrated. No completion date was projected as of September 30, 2004.

Recommendation: To ensure that Interior's information systems are compatible and effectively satisfy Interior's business needs, the Secretary of the Interior should direct the Chief Information Officer to develop an information systems architecture for Indian trust operations that: (1) provides a high-level description of Interior's mission and target concept of operations; (2) defines the business functions to be performed and the relationships among functions; the information needed to perform the functions; the users and locations of the functions and information, and the information systems needed to support the department's business needs; (3) identifies the improvement projects to be undertaken, specifying what they will do, how they are interrelated, what data they will exchange, and what their relative priorities are; and (4) details specific standards and approaches that will be used to build or acquire systems, including hardware, software, communications, data management, security, and performance characteristics.

Agency Affected: Department of the Interior

Status: Open

Comments: Interior officials stated that they recognized the need to understand and control the risks related to acquiring a service for managing assets and land records, but due to constraints, they intended to use alternative ways to mitigate the risks. However, after encountering difficulties throughout the system development effort, Interior concluded that requirements and risk management plans should be developed. In August 2002, Interior reported to the Federal District Court, which is hearing class-action trust litigation against Interior, that it has now hired a contractor to identify and document its current trust business processes and practices, from which it will then develop the needed functional requirements. In August 2004, Interior reported to the Court that the trust enterprise architect and subject matter experts continue to develop system requirements specifications for land and natural resource use management.

Recommendation: To reduce the risks GAO identified with the effort to acquire a service for managing assets and land records, the Secretary of the Interior should direct the Chief Information Officer to: (1) clearly define and validate functional requirements, security requirements, and data management requirements; (2) develop and implement an effective risk management plan; and (3) ensure that all project decisions are based on objective data and demonstrated project accomplishments, and are not schedule driven.